ZyXEL Communications unified security gateway User Manual

ZyWALL USG 20/20W

Unified Security Gateway

Default Login Details

LAN Port P2, P3
IP Address https://192.168.1.1
User Name admin
Password 1234

www.zyxel.com

Version 2.21
Edition 4, 4/2011

www.zyxel.com

Copyright © 2011
ZyXEL Communications Corporation

About This User's Guide

About This User's Guide

Intended Audience

This manual is intended for people who want to want to configure the ZyWALL
using the Web Configurator.

How To Use This Guide

•Read Chapter 1 on page 29 chapter for an overview of features available on the
ZyWALL.

•Read Chapter 3 on page 43 for web browser requirements and an introduction
to the main components, icons and menus in the ZyWALL Web Configurator.

•Read Chapter 4 on page 59 if you’re using the installation wizard for first time
setup and you want more detailed information than what the real time online
help provides.

•Read Chapter 5 on page 69 if you’re using the quick setup wizards and you want
more detailed information than what the real time online help provides.

• It is highly recommended you read Chapter 6 on page 87 for detailed
information on essential terms used in the ZyWALL, what prerequisites are
needed to configure a feature and how to use that feature.

• It is highly recommended you read Chapter 7 on page 107 for ZyWALL
application examples.

• Subsequent chapters are arranged by menu item as defined in the Web
Configurator. Read each chapter carefully for detailed information on that menu
item.

• To find specific information in this guide, use the Contents Overview, the
Table of Contents, the Index, or search the PDF file. E-mail
techwriters@zyxel.com.tw if you cannot find the information you require.

Related Documentation

•Quick Start Guide

The Quick Start Guide is designed to show you how to make the ZyWALL
hardware connections and access the Web Configurator wizards. (See the
wizard real time help for information on configuring each screen.) It also
contains a connection diagram and package contents list.

•CLI Reference Guide

The CLI Reference Guide explains how to use the Command-Line Interface (CLI)
to configure the ZyWALL.

Note: It is recommended you use the Web Configurator to configure the ZyWALL.

ZyWALL USG 20/20W User’s Guide

3

About This User's Guide

• Web Configurator Online Help

Click the help icon in any screen for help in configuring that screen and
supplementary information.

• ZyXEL Web Site

Please refer to www.zyxel.com
product certifications.

for additional support documentation and

User Guide Feedback

Help us help you. Send all User Guide-related comments, questions or suggestions
for improvement to the following address, or use e-mail instead. Thank you!

The Technical Writing Team,
ZyXEL Communications Corp.,
6 Innovation Road II,
Science-Based Industrial Park,
Hsinchu, 300, Taiwan.

E-mail: techwriters@zyxel.com.tw

Need More Help?

More help is available at www.zyxel.com.

4

• Download Library

Search for the latest product updates and documentation from this link. Read
the Tech Doc Overview to find out how to efficiently use the User Guide, Quick
Start Guide and Command Line Interface Reference Guide in order to better
understand how to use your product.

• Knowledge Base

If you have a specific question about your product, the answer may be here.
This is a collection of answers to previously asked questions about ZyXEL
products.

ZyWALL USG 20/20W User’s Guide

About This User's Guide

•Forum

This contains discussions on ZyXEL products. Learn from others who use ZyXEL
products and share your experiences as well.

Customer Support

Should problems arise that cannot be solved by the methods listed above, you
should contact your vendor. If you cannot contact your vendor, then contact a
ZyXEL office for the region in which you bought the device.

See http://www.zyxel.com/web/contact_us.php for contact information. Please
have the following information ready when you contact an office.

• Product model and serial number.

•Warranty Information.

• Date that you received your device.

• Brief description of the problem and the steps you took to solve it.

Disclaimer

Graphics in this book may differ slightly from the product due to differences in
operating systems, operating system versions, or if you installed updated
firmware/software for your device. Every effort has been made to ensure that the
information in this manual is accurate.

ZyWALL USG 20/20W User’s Guide

5

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this User’s Guide.

Warnings tell you about things that could harm you or your device.

Note: Notes tell you other important information (for example, other things you may

need to configure or helpful tips) or recommendations.

Syntax Conventions

• The ZyWALL may be referred to as the “ZyWALL”, the “device”, the “system” or
the “product” in this User’s Guide.

• Product labels, screen names, field labels and field choices are all in bold font.

Document Conventions

• A key stroke is denoted by square brackets and uppercase text, for example,
[ENTER] means the “enter” or “return” key on your keyboard.

• “Enter” means for you to type one or more characters and then press the
[ENTER] key. “Select” or “choose” means for you to use one of the predefined
choices.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For
example, Maintenance > Log > Log Setting means you first click

Maintenance in the navigation panel, then the Log sub menu and finally the
Log Setting tab to get to that screen.

• Units of measurement may denote the “metric” value or the “scientific” value.
For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may
denote “1000000” or “1048576” and so on.

• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other
words”.

6

ZyWALL USG 20/20W User’s Guide

Document Conventions

Icons Used in Figures

Figures in this User’s Guide may use the following generic icons. The ZyWALL icon
is not an exact representation of your device.

ZyWALL Computer Notebook computer

Server Firewall Telep h o n e

Switch Router

ZyWALL USG 20/20W User’s Guide

7

Safety Warnings

• Do NOT use this product near water, for example, in a wet basement or near a swimming
pool.

• Do NOT expose your device to dampness, dust or corrosive liquids.

• Do NOT store things on the device.

• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk
of electric shock from lightning.

• Connect ONLY suitable accessories to the device.

• Do NOT open the device or unit. Opening or removing covers can expose you to
dangerous high voltage points or other risks. ONLY qualified service personnel should
service or disassemble this device. Please contact your vendor for further information.

• Make sure to connect the cables to the correct ports.

• Place connecting cables carefully so that no one will step on them or stumble over them.

• Always disconnect all cables from this device before servicing or disassembling.

• Use ONLY an appropriate power adaptor or cord for your device. Connect it to the right
supply voltage (for example, 110V AC in North America or 230V AC in Europe).

• Do NOT remove the plug and connect it to a power outlet by itself; always attach the plug
to the power adaptor first before connecting it to a power outlet.

• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the
product where anyone can walk on the power adaptor or cord.

• Do NOT use the device if the power adaptor or cord is damaged as it might cause
electrocution.

• If the power adaptor or cord is damaged, remove it from the device and the power
source.

• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a
new one.

• Do not use the device outside, and make sure all the connections are indoors. There is a
remote risk of electric shock from lightning.

• CAUTION: RISK OF EXPLOSION IF BATTERY (on the motherboard) IS REPLACED BY AN
INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS.
Dispose them at the applicable collection point for the recycling of electrical and
electronic equipment. For detailed information about recycling of this product, please
contact your local city office, your household waste disposal service or the store where
you purchased the product.

• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your
device.

• Antenna Warning! This device meets ETSI and FCC certification requirements when using
the included antenna(s). Only use the included antenna(s).

• If you wall mount your device, make sure that no electrical lines, gas or water pipes will
be damaged.

Safety Warnings

8

Your product is marked with this symbol, which is known as the WEEE mark. WEEE
stands for Waste Electronics and Electrical Equipment. It means that used electrical
and electronic products should not be mixed with general waste. Used electrical and
electronic equipment should be treated separately.

ZyWALL USG 20/20W User’s Guide

Contents Overview

Contents Overview

User’s Guide .............................................................................................. .......... ...................27

Introducing the ZyWALL ............................................................................................................ 29

Features and Applications ......................................................................................................... 37

Web Configurator ......................................... .... ... ... ... .... ... ... ............................................. .......... 43

Installation Setup Wizard .................................... ............................................................. ..........59

Quick Setup ............................................................................................................................... 69

Configuration Basics .............. ............................................. ... .... ................................................ 87

Tutorials ................................................................................................. ..................................107

Technical Reference ............................................................................................................163

Dashboard ............................................................................................................................... 165

Monitor ...................................... ....................... ................... ....................... .............................. 177

Registration ..............................................................................................................................211

Interfaces ..................................... .................................................... ........................................ 217

Trunks .................................................... .......................................... ........................................ 289

Policy and Static Routes ..........................................................................................................297

Routing Protocols .................................................................................................................... 313

Zones .............................. .................... ................... .................... ................... ........................... 327

DDNS ......................................................................................................................................331

NAT ................................. ............................. .............................. ............................. ................. 337

HTTP Redirect ......................................................................................................................... 347

ALG ......................................................................................................................................... 351

IP/MAC Binding ....................................................................................................................... 359

Authentication Policy ............. ... ... .... ............................................. ... ... ..................................... 365

Firewall .................................................................................................................................... 373

IPSec VPN ................... ............................................. .... ... ............................................. ........... 391

SSL VPN ................................................................................................................................. 427

SSL User Screens .................................................................................................................. 437

SSL User Application Screens ................................................................................................447

ZyWALL SecuExtender ...... ... ... ... .... ... ... ... ............................................. .... ... ... ........................ 449

Bandwidth Management ........................................................................................................ 453

ADP ......................................................................................................................................... 467

Content Filtering .......... ... .... ... ............................................. ... .... .............................................. 487

Content Filter Reports ............................................................................................................. 513

Anti-Spam ................................................................................................................................ 521

User/Group .............................................................................................................................. 539

Addresses ........................... ................... ................... .................... ................... ........................ 555

Services .............................. ....................................................... .............................................. 561

ZyWALL USG 20/20W User’s Guide

9

Contents Overview

Schedules .............................. ................................................ .................................................. 567

AAA Server .............................................................................................................................. 573

Authentication Method .............................. ... .... ... ............................................. ... .... ... ..............583

Certificates ................................... ....................... ................... ....................... ........................... 589

ISP Accounts ............................................ ... .... ... ............................................. ... .... ..................611

SSL Application ....................................................................................................................... 615

Endpoint Security .................................................................................................................... 621

System ................................ ...................... ....................... ...................... .................................. 629

Log and Report ........................................................................................................................ 679

File Manager ............................................................................................................................693

Diagnostics ............................................................................................................................ 705

Packet Flow Explore ................................................................................................................ 715

Reboot ..................................................................................................................................... 723

Shutdown ......................................... ............................. ......................... .................................. 725

Troubleshooting .................................................. ..................................................................... 727

Product Specifications ............................................................................................................. 741

10

ZyWALL USG 20/20W User’s Guide

Table of Contents

Table of Contents

About This User's Guide..........................................................................................................3

Document Conventions............................................................................................................6

Safety Warnings ........................................................................................................................8

Contents Overview ...................................................................................................................9

Table of Contents....................................................................................................................11

Part I: User’s Guide................................................................................ 27

Chapter 1

Introducing the ZyWALL ........................................................................................................29

1.1 Overview and Key Default Settings .....................................................................................29

1.2 Wall-mounting ........ ... .... ... ... ... .............................................. ... ... .......................................... 29

1.3 Front Panel ............................................ .... ... ... ............................................. .... ... ................32

1.3.1 Front Panel LEDs ...................................... .... ... ... ............................................. ... .... ... 32

1.4 Management Overview .......... .............................................. ... ... ..........................................33

1.5 Starting and Stopping the ZyWALL ............................ ... ... .... ... ... ... ....................................... 34

Chapter 2

Features and Applications.....................................................................................................37

2.1 Features ............................................. ............................................. .... ... ............................. 37

2.2 Applications ........... ... .............................................. ... ... ... .................................................... 39

2.2.1 VPN Connectivity ................ ... ............................................. ... .... ... ............................. 39

2.2.2 SSL VPN Network Access ............... ............................................. ... ... ....................... 39

2.2.3 User-Aware Access Control ....................................................................................... 41

Chapter 3

Web Configurator....................................................................................................................43

3.1 Web Configurator Requirements ......................................................................................... 43

3.2 Web Configurator Access ....................................................................................................43

3.3 Web Configurator Screens Overview .................................................................................. 45

3.3.1 Title Bar .................................. ... ... .............................................. ... ... .......................... 46

3.3.2 Navigation Panel .......... .... ... ... ... ... .... .......................................................................... 47

3.3.3 Main Window .......................... ............................................. ... .... ................................52

3.3.4 Tables and Lists ........ ... .... ... ... ... ... .............................................. ... ... ..........................54

ZyWALL USG 20/20W User’s Guide

11

Table of Contents

Chapter 4

Installation Setup Wizard.......................................................................................................59

4.1 Installation Setup Wizard Screens ...................................................................................... 59

4.1.1 Internet Access Setup - WAN Interface ..................................................................... 59

4.1.2 Internet Access: Ethernet .......................................................................................... 60

4.1.3 Internet Access: PPPoE ............................................................................................. 61

4.1.4 Internet Access: PPTP .............................................................................................. 63

4.1.5 ISP Parameters ................................... ... ... .............................................. ... ... .............63

4.1.6 Internet Access - Finish .............................................................................................65

4.2 Device Registration ........................................................................................................... 65

Chapter 5

Quick Setup.............................................................................................................................69

5.1 Quick Setup Overview ..................................... ............................................. .... ... ................69

5.2 WAN Interface Quick Setup .................................................................................................70

5.2.1 Choose an Ethernet Interface ....................... ... ... ... .... ... ... .......................................... 70

5.2.2 Select WAN Type ................................... ... .... ... ... ... .... ... ............................................. 70

5.2.3 Configure WAN Settings ............................................................................................ 71

5.2.4 WAN and ISP Connection Settings ............................................................................ 72

5.2.5 Quick Setup Interface Wizard: Summary ................................................................... 74

5.3 VPN Quick Setup .......... ... ... ............................................. .... ... ............................................. 75

5.4 VPN Setup Wizard: Wizard Type ......................................................................................... 76

5.5 VPN Express Wizard - Scenario ......................................................................................... 77

5.5.1 VPN Express Wizard - Configuration ................................. ....................................... 78

5.5.2 VPN Express Wizard - Summary ................................. ... ... ....................................... 79

5.5.3 VPN Express Wizard - Finish .................................................................................... 80

5.5.4 VPN Advanced Wizard - Scenario ............................................................................ 81

5.5.5 VPN Advanced Wizard - Phase 1 Settings ...............................................................82

5.5.6 VPN Advanced Wizard - Phase 2 ............................................................................. 83

5.5.7 VPN Advanced Wizard - Summary ........................................................................... 85

5.5.8 VPN Advanced Wizard - Finish ................................................................................. 86

Chapter 6

Configuration Basics..............................................................................................................87

6.1 Object-based Configuration .......................... ... ... .... ............................................. ... ... ... .......87

6.2 Zones, Interfaces, and Physical Ports ................................................................................. 88

6.2.1 Interface Types .................................................... ... .... ... ............................................. 89

6.2.2 Default Interface and Zone Configuration .................................................................. 90

6.3 Terminology in the ZyWALL ....................... ... ... ... .... ............................................. ... ... ... .......91

6.4 Packet Flow ........................................... .............................................. ... ... .......................... 91

6.4.1 Routing Table Checking Flow ..................................................................................... 92

6.4.2 NAT Table Checking Flow .......................................................................... ... ... ... .... ... 94

6.5 Feature Configuration Overview ......................................................................................... 95

12

ZyWALL USG 20/20W User’s Guide

Table of Contents

6.5.1 Feature ...................................... ... .... ... ............................................. ... .... ... ................95

6.5.2 Licensing Registration ............................ ... .... ... ............................................. ... ... .... ... 96

6.5.3 Interface ....................... .... ... ... ............................................. ... .... ................................ 96

6.5.4 Trunks ................. ... ... ... .... ... ... ............................................. ... .... ................................ 96

6.5.5 Policy Routes ...................... ... ............................................. ... .... ... ............................. 96

6.5.6 Static Routes .................................... ... ............................................. ... .... ................... 98

6.5.7 Zones ..................... ... ............................................. .... ... ... .......................................... 98

6.5.8 DDNS ..... ... ............................................. ... .... ............................................. ... ... ... ....... 98

6.5.9 NAT .............................................. .... ... ... ............................................. .... ... ................ 98

6.5.10 HTTP Redirect ......................................................................................................... 99

6.5.11 ALG ........................................................................................................................ 100

6.5.12 Auth. Policy ............................................................................................................100

6.5.13 Firewall ................................................................................................................... 100

6.5.14 IPSec VPN ............................................................................................................. 101

6.5.15 SSL VPN ................................................................................................................ 101

6.5.16 Bandwidth Management ........................................................................................102

6.5.17 ADP ........................................................................................................................ 102

6.5.18 Content Filter ..........................................................................................................102

6.5.19 Anti-Spam ...............................................................................................................103

6.6 Objects ............................................ ............................................. ... .... .............................. 103

6.6.1 User/Group ....................... ............................................. ... ... .....................................104

6.7 System ............. ............................................. ... ... .............................................. ... ..............105

6.7.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Vantage CNM ........................................105

6.7.2 Logs and Reports ..................................................................................................... 105

6.7.3 File Manager .......................... ... ... .... ............................................. ... ... ..................... 106

6.7.4 Diagnostics ................ ... .... ... ... ... ... .............................................. ... ... ........................ 106

6.7.5 Shutdown ..................... .... ... ... ............................................. ... .... ..............................106

Chapter 7

Tutorials.................................................................................................................................107

7.1 How to Configure Interfaces, Port Roles, and Zones ........................................................ 107

7.1.1 Configure a WAN Ethernet Interface ................................ ... ... .... ... ... ... .... ... ... ... ....... . 108

7.1.2 Configure Port Roles ................................................................................................ 109

7.1.3 Configure the DMZ Interface for a Local Network ............... ..................................... 109

7.1.4 Configure Zones ........................... .............................................. ... ... .........................110

7.2 How to Configure a Cellular Interface . ... .... ... ... ... .............................................. ... ... ... .........111

7.3 How to Configure Load Balancing ......................................................................................113

7.3.1 Set Up Available Bandwidth on Ethernet Interfaces .................................................113

7.3.2 Configure the WAN Trunk .........................................................................................114

7.4 How to Set Up an IPSec VPN Tunnel .................................................................................116

7.4.1 Set Up the VPN Gateway ..........................................................................................117

7.4.2 Set Up the VPN Connection ......................................................................................118

7.4.3 Configure Security Policies for the VPN Tunnel ...................................... ..................119

ZyWALL USG 20/20W User’s Guide

13

Table of Contents

7.5 How to Configure User-aware Access Control .................................................................. 120

7.5.1 Set Up User Accounts .............................................................................................. 120

7.5.2 Set Up User Groups ................................................................................................. 121

7.5.3 Set Up User Authentication Using the RADIUS Server .......................... ... ... ... ... .... . 122

7.6 How to Use a RADIUS Server to Authenticate User Accounts based on Groups ............. 124

7.7 How to Use Endpoint Security and Authentication Policies ............................................... 126

7.7.1 Configure the Endpoint Security Objects ................................................................. 126

7.7.2 Configure the Authentication Policy ......................................................................... 128

7.8 How to Configure Service Control ..................................................................................... 129

7.8.1 Allow HTTPS Administrator Access Only From the LAN ......................................... 130

7.9 How to Allow Incoming H.323 Peer-to-peer Calls ............................................... ... ... ... .... . 132

7.9.1 Turn On the ALG .............................. ... ............................................. ... .... ................. 133

7.9.2 Set Up a NAT Policy For H.323 ................................................................................133

7.9.3 Set Up a Firewall Rule For H.323 ............................................................................ 135

7.10 How to Allow Public Access to a Web Server .......................... ...... ....... ...... ....... ...... ....... . 136

7.10.1 Create the Address Objects ...................................................................................137

7.10.2 Configure NAT ........................................................................................................ 137

7.10.3 Set Up a Firewall Rule ........................................................................................... 138

7.11 How to Use an IPPBX on the DMZ .................................................................................. 139

7.11.1 Turn On the ALG .................................................................................................... 141

7.11.2 Create the Address Objects ................................................................................... 141

7.11.3 Setup a NAT Policy for the IPPBX .......................................................................... 142

7.11.4 Set Up a WAN to DMZ Firewall Rule for SIP .......................................................... 143

7.11.5 Set Up a DMZ to LAN Firewall Rule for SIP ......... .... ... ........................................... 144

7.12 How to Use Multiple Static Public WAN IP Addresses for LAN to WAN Traffic ............... 145

7.12.1 Create the Public IP Address Range Object ............ .............................................. 1 45

7.12.2 Configure the Policy Route .................................................................................... 146

7.13 How to Set Up a Wireless LAN ........................................................................................ 146

7.13.1 Set Up User Accounts ....................................... ... .... ... ........................................... 147

7.13.2 Create the WLAN Interface ....................................................................................147

7.13.3 Set Up the Wireless Clients to Use the WLAN Interface ........................................ 150

Part II: Technical Reference................................................................ 163

Chapter 8

Dashboard.............................................................................................................................165

8.1 Overview .......... ... ... ... .... ... ... ... .............................................. ... ... ... ..................................... 165

8.1.1 What Y ou Can Do in this Chapter ............................................................................165

8.2 The Dashboard Screen ..................................................................................................... 165

8.2.1 The CPU Usage Screen ........................................................................................... 171

8.2.2 The Memory Usage Screen ...................... .... ... ... ............................................. ... .... . 172

14

ZyWALL USG 20/20W User’s Guide

Table of Contents

8.2.3 The Active Sessions Screen .................................................................................... 173

8.2.4 The VPN Status Screen ................................................ ... ... ... .................................. 174

8.2.5 The DHCP Table Screen ..........................................................................................174

8.2.6 The Number of Login Users Screen ................................. ... ... .... ... ... ... .... ... ... ... ....... . 175

Chapter 9

Monitor...................................................................................................................................177

9.1 Overview .......... ... ... ... .... ... ... ... .............................................. ... ... ... ..................................... 177

9.1.1 What Y ou Can Do in this Chapter ............................................................................177

9.2 The Port Statistics Screen ................................................................................................178

9.2.1 The Port Statistics Graph Screen ................. ... ... ... .... ... ... ... ..................................... 180

9.3 Interface Status Screen ..................................................................................................... 181

9.4 The Traffic Statistics Screen ..............................................................................................183

9.5 The Session Monitor Screen .................... ... ... ... .............................................. ... ... ........... 186

9.6 The DDNS Status Screen .................................................................................................. 189

9.7 IP/MAC Binding Monitor ............ ... ............................................. ... ... .... .............................. 189

9.8 The Login Users Screen ................................................................................................... 190

9.9 WLAN Status Screen .........................................................................................................191

9.10 The following table describes the labels in this menu.Cellular Status Screen ................. 192

9.10.1 More Information ............................ ....................................................................... . 194

9.11 USB Storage Screen ........................................................................................................195

9.12 The IPSec Monitor Screen .............................................................................................. 196

9.12.1 Regular Expressions in Searching IPSec SAs ....................................................... 198

9.13 The SSL Connection Monitor Screen ..............................................................................198

9.14 The Content Filter Statistics Screen ................................................................................ 200

9.15 Content Filter Cache Screen ........................................................................................... 202

9.16 The Anti-Spam Statistics Screen ..................................................................................... 204

9.17 The Anti-Spam Status Screen .........................................................................................206

9.18 Log Screen ...................................................................................................................... 207

Chapter 10

Registration...........................................................................................................................211

10.1 Overview ...........................................................................................................................211

10.1.1 What You Can Do in this Chapter ...........................................................................211

10.1.2 What you Need to Know .........................................................................................211

10.2 The Registration Screen .................................................................................................. 212

10.3 The Service Screen ......................................................................................................... 214

Chapter 11

Interfaces...............................................................................................................................217

11.1 Interface Overview ........................................................................................................... 217

11.1.1 What You Can Do in this Chapter ................................ ... ... ... .... .............................. 217

11.1.2 What You Need to Know ........................................................................................ 218

ZyWALL USG 20/20W User’s Guide

15

Table of Contents

11.2 Port Role .................................................................... ... .... ... ........................................... 220

11.3 Ethernet Summary Screen ............................................................................................... 222

11.3.1 Ethernet Edit ..........................................................................................................223

11.3.2 Object References .................................................................................................. 232

11.4 PPP Interfaces ................................................................................................................233

11.4.1 PPP Interface Summary ......................................................................................... 234

11.4.2 PPP Interface Add or Edit ..................................................................................... 2 35

11.5 Cellular Configuration Screen (3G) .................................................................................. 239

11.5.1 Cellular Add/Edit Screen ........................................................................................ 241

11.6 WLAN Interface General Screen ..................................................................................... 248

11.6.1 WLAN Add/Edit Screen .......................................................................................... 252

11.6.2 WLAN Add/Edit: WEP Security .............................................................................. 258

11.6.3 WLAN Add/Edit: WPA-PSK/WPA2-PSK Security ................................................... 259

11.6.4 WLAN Add/Edit: WPA/WPA2 Security .................................................................... 260

11.7 WLAN Interface MAC Filter ............................................................................................. 262

11.8 VLAN Interfaces .............................................................................................................. 264

11.8.1 VLAN Summary Screen ......................................................................................... 266

11.8.2 VLAN Add/Edit ...................................................................................................... 267

11.9 Bridge Interfaces ............................................................................................................. 274

11.9.1 Bridge Summary .....................................................................................................276

11.9.2 Bridge Add/Edit ................................................... .... ... ... ... ... .... .............................. 277

11.9.3 Virtual Interfaces Add/Edit ...................................................................................... 282

11.10 Interface Technical Reference ....................................................................................... 284

Chapter 12

Trunks....................................................................................................................................289

12.1 Overview .......................................................................................................................... 289

12.1.1 What You Can Do in this Chapter .......................................................................... 289

12.1.2 What You Need to Know ........................................................................................ 290

12.2 The Trunk Summary Screen .............................................. ... ... ... ... .................................. 292

12.3 Configuring a Trunk ........................................................................................................ 293

12.4 Trunk Technical Reference .............................................................................................. 295

Chapter 13

Policy and Static Routes......................................................................................................297

13.1 Policy and Static Routes Overview .................................................................................. 297

13.1.1 What You Can Do in this Chapter .......................................................................... 297

13.1.2 What You Need to Know ....................................................................................... 298

13.2 Policy Route Screen ........................................................................................................ 300

13.2.1 Policy Route Edit Screen ....................................................................................... 303

13.3 IP Static Route Screen ....................................................................................................307

13.3.1 Static Route Add/Edit Screen ................................................................................. 308

13.4 Policy Routing Technical Reference ................................................................................ 309

16

ZyWALL USG 20/20W User’s Guide

Table of Contents

Chapter 14

Routing Protocols .................................................................................................................313

14.1 Routing Protocols Overview ............................................................................................ 313

14.1.1 What You Can Do in this Chapter .......................................................................... 313

14.1.2 What You Need to Know ........................................................................................ 313

14.2 The RIP Screen ... ... .... ............................................. ... ... ............................................. ..... 314

14.3 The OSPF Screen ................... ... ... ... ............................................. .... ... ...........................315

14.3.1 Configuring the OSPF Screen .................................. ......... .......... .......... ......... ........ 319

14.3.2 OSPF Area Add/Edit Screen ................................................................................. 322

14.3.3 Virtual Link Add/Edit Screen ................................................................................. 323

14.4 Routing Protocol Technical Reference ............................................................................ 324

Chapter 15

Zones .....................................................................................................................................327

15.1 Zones Overview ............................................................................................................... 327

15.1.1 What You Can Do in this Chapter .......................................................................... 327

15.1.2 What You Need to Know ........................................................................................ 328

15.2 The Zone Screen ................................. .... ... ... ............................................. .... ... ... ...........329

15.3 Zone Edit ........................................................................................................................ 330

Chapter 16

DDNS......................................................................................................................................331

16.1 DDNS Overview .............................................................................................................. 331

16.1.1 What You Can Do in this Chapter .......................................................................... 331

16.1.2 What You Need to Know ........................................................................................ 331

16.2 The DDNS Screen ...........................................................................................................332

16.2.1 The Dynamic DNS Add/Edit Screen ...................................................................... 334

Chapter 17

NAT.........................................................................................................................................337

17.1 NAT Overview .................................................................................................................. 337

17.1.1 What You Can Do in this Chapter .......................................................................... 337

17.1.2 What You Need to Know ........................................................................................ 338

17.2 The NAT Screen ......................................... ............................................. ... .... .................338

17.2.1 The NAT Add/Edit Screen .... ... ... .... ........................................................................ 340

17.3 NAT Technical Reference ................................................................................................ 343

Chapter 18

HTTP Redirect.......................................................................................................................347

18.1 Overview .......................................................................................................................... 347

18.1.1 What You Can Do in this Chapter .......................................................................... 347

18.1.2 What You Need to Know ........................................................................................ 348

18.2 The HTTP Redirect Screen ............................................................................................. 349

ZyWALL USG 20/20W User’s Guide

17

Table of Contents

18.2.1 The HTTP Redirect Edit Screen ............................................................................. 350

Chapter 19

ALG ........................................................................................................................................351

19.1 ALG Overview ................................................................................................................. 351

19.1.1 What You Can Do in this Chapter .......................................................................... 351

19.1.2 What You Need to Know ........................................................................................ 352

19.1.3 Before You Begin ...................................................................................................355

19.2 The ALG Screen ..............................................................................................................355

19.3 ALG Technical Reference ................................................................................................ 357

Chapter 20

IP/MAC Binding.....................................................................................................................359

20.1 IP/MAC Binding Overview ............................................................................................... 359

20.1.1 What You Can Do in this Chapter .......................................................................... 359

20.1.2 What You Need to Know ........................................................................................ 360

20.2 IP/MAC Binding Summary ............................................................................................... 360

20.2.1 IP/MAC Binding Edit ............................................................................................... 361

20.2.2 Static DHCP Edit .................................................................................................... 362

20.3 IP/MAC Binding Exempt List ........................................................................................... 363

Chapter 21

Authentication Policy...........................................................................................................365

21.1 Overview .......................................................................................................................... 365

21.1.1 What You Can Do in this Chapter .......................................................................... 365

21.1.2 What You Need to Know ........................................................................................ 366

21.2 Authentication Policy Screen ........................................................................................... 366

21.2.1 Creating/Editing an Authentication Policy .............................................................. 369

Chapter 22

Firewall...................................................................................................................................373

22.1 Overview .......................................................................................................................... 373

22.1.1 What You Can Do in this Chapter .......................................................................... 373

22.1.2 What You Need to Know ........................................................................................ 374

22.1.3 Firewall Rule Example Applications .................................. .....................................376

22.1.4 Firewall Rule Configuration Example ..................................................................... 379

22.2 The Firewall Screen ................. ... ............................................. ... ... .... .............................. 381

22.2.1 Configuring the Firewall Screen ............................... .............................................. 3 82

22.2.2 The Firewall Add/Edit Screen ................................................................................. 385

22.3 The Session Limit Screen ................................................................................................ 386

22.3.1 The Session Limit Add/Edit Screen ........................................................................ 388

Chapter 23

IPSec VPN..............................................................................................................................391

18

ZyWALL USG 20/20W User’s Guide

Table of Contents

23.1 IPSec VPN Overview .......................................................................................................391

23.1.1 What You Can Do in this Chapter .......................................................................... 391

23.1.2 What You Need to Know ........................................................................................ 392

23.1.3 Before You Begin ...................................................................................................394

23.2 The VPN Connection Screen .......................................................................................... 394

23.2.1 The VPN Connection Add/Edit (IKE) Screen ......................................................... 396

23.2.2 The VPN Connection Add/Edit Manual Key Screen .............................................. 403

23.3 The VPN Gateway Screen .............................................................................................. 406

23.3.1 The VPN Gateway Add/Edit Screen ...................................................................... 407

23.4 IPSec VPN Background Information ............................................................................... 415

Chapter 24

SSL VPN.................................................................................................................................427

24.1 Overview .......................................................................................................................... 427

24.1.1 What You Can Do in this Chapter .......................................................................... 427

24.1.2 What You Need to Know ........................................................................................ 427

24.2 The SSL Access Privilege Screen ................................................................................... 429

24.2.1 The SSL Access Policy Add/Edit Screen .............................................................. 430

24.3 The SSL Global Setting Screen ............... ... ... ... .... ... ... ............................................. ... .... . 433

24.3.1 How to Upload a Custom Logo .............................................................................. 434

24.4 Establishing an SSL VPN Connection ............................................................................. 435

Chapter 25

SSL User Screens................................................................................................................437

25.1 Overview .......................................................................................................................... 437

25.1.1 What You Need to Know ........................................................................................ 437

25.2 Remote User Login ..........................................................................................................438

25.3 The SSL VPN User Screens ................................................ ........................................... 443

25.4 Bookmarking the ZyWALL ............................................................................................... 444

25.5 Logging Out of the SSL VPN User Screens ....................................................................444

Chapter 26

SSL User Application Screens ............................................................................................447

26.1 SSL User Application Screens Overview ........................................................................ 447

26.2 The Application Screen ...................................................................................................447

Chapter 27

ZyWALL SecuExtender.........................................................................................................449

27.1 The ZyWALL SecuExtender Icon .................................................................................... 449

27.2 Statistics .......................................................................................................................... 450

27.3 View Log ..........................................................................................................................451

27.4 Suspend and Resume the Connection ....................... ..................................................... 451

27.5 Stop the Connection ........................................................................................................452

ZyWALL USG 20/20W User’s Guide

19

Table of Contents

27.6 Uninstalling the ZyWALL SecuExtender .......................................................................... 452

Chapter 28

Bandwidth Management.....................................................................................................453

28.1 Overview .......................................................................................................................... 453

28.1.1 What You Can Do in this Chapter .......................................................................... 453

28.1.2 What You Need to Know ....................................................................................... 453

28.1.3 Bandwidth Management Examples ................................ ................... .................... . 457

28.2 TheBandwidth Management Screen ............................................................................... 461

28.2.1 The Bandwidth Management Add/Edit Screen .............. ... ..................................... 463

Chapter 29

ADP ........................................................................................................................................467

29.1 Overview .......................................................................................................................... 467

29.1.1 ADP ........................................................................................................................ 467

29.1.2 What You Can Do in this Chapter ......................................................................... 467

29.1.3 What You Need To Know ....................................................................................... 467

29.1.4 Before You Begin ...................................................................................................468

29.2 The ADP General Screen ........................ ................................................... ..................... 469

29.3 The Profile Summary Screen .......................................................................................... 470

29.3.1 Base Profiles ..........................................................................................................471

29.3.2 Configuring The ADP Profile Summary Screen ..................................................... 471

29.3.3 Creating New ADP Profiles ............................ ........................................................ 472

29.3.4 Traffic Anomaly Profiles ........................................................................................ 472

29.3.5 Protocol Anomaly Profiles .................................................................................... . 475

29.3.6 Protocol Anomaly Configuration ............................................................................. 475

29.4 ADP Technical Reference ................................................................................................ 479

Chapter 30

Content Filtering...................................................................................................................487

30.1 Overview .......................................................................................................................... 487

30.1.1 What You Can Do in this Chapter .......................................................................... 487

30.1.2 What You Need to Know ........................................................................................ 487

30.1.3 Before You Begin ...................................................................................................489

30.2 Content Filter General Screen .................... ....................................................... ..............489

30.3 Content Filter Policy Add or Edit Screen ......................................................................... 492

30.4 Content Filter Profile Screen .......................................................................................... 494

30.5 Content Filter Categories Screen ................................................................................... 494

30.5.1 Content Filter Blocked and Warning Messages ..................................................... 508

30.6 Content Filter Customization Screen .............................................................................. 508

30.7 Content Filter Technical Reference ..................................................................................511

Chapter 31

Content Filter Reports..........................................................................................................513

20

ZyWALL USG 20/20W User’s Guide

Table of Contents

31.1 Overview .......................................................................................................................... 513

31.2 Viewing Content Filter Reports ............................................. ........................................... 5 13

Chapter 32

Anti-Spam..............................................................................................................................521

32.1 Overview .......................................................................................................................... 521

32.1.1 What You Can Do in this Chapter .......................................................................... 521

32.1.2 What You Need to Know ........................................................................................ 521

32.2 Before You Begin ............................................................................................................. 523

32.3 The Anti-Spam General Screen ....................................................................................... 523

32.3.1 The Anti-Spam Policy Add or Edit Screen ................................................ .............. 525

32.4 The Anti-Spam Black List Screen .................................................................................... 527

32.4.1 The Anti-Spam Black or White List Add/Edit Screen ...................................... ... .... . 529

32.4.2 Regular Expressions in Black or White List Entries ...............................................530

32.5 The Anti-Spam White List Screen .................................................................................... 531

32.6 The DNSBL Screen ......................................................................................................... 532

32.7 Anti-Spam Technical Reference ...................................................................................... 534

Chapter 33

User/Group............................................................................................................................539

33.1 Overview .......................................................................................................................... 539

33.1.1 What You Can Do in this Chapter .......................................................................... 539

33.1.2 What You Need To Know ....................................................................................... 539

33.2 User Summary Screen .................................................................................................... 542

33.2.1 User Add/Edit Screen ........................... .......... .......... ......... ....... ......... .......... .......... . 542

33.3 User Group Summary Screen ......................................................................................... 545

33.3.1 Group Add/Edit Screen .......................................................................................... 546

33.4 Setting Screen ................................................................................................................ 547

33.4.1 Default User Authentication Timeout Settings Edit Screens .................................. 550

33.4.2 User Aware Login Example ............... ... ... .............................................. ... ... ... ........552

33.5 User /Group Technical Reference ................................................................................... 553

Chapter 34

Addresses..............................................................................................................................555

34.1 Overview .......................................................................................................................... 555

34.1.1 What You Can Do in this Chapter .......................................................................... 555

34.1.2 What You Need To Know ....................................................................................... 555

34.2 Address Summary Screen ....................... ........................................................................ 555

34.2.1 Address Add/Edit Screen ....................................................................................... 557

34.3 Address Group Summary Screen ............................... ....................... ...................... ........ 558

34.3.1 Address Group Add/Edit Screen ............................................................................ 559

Chapter 35

Services.................................................................................................................................561

ZyWALL USG 20/20W User’s Guide

21

Table of Contents

35.1 Overview .......................................................................................................................... 561

35.1.1 What You Can Do in this Chapter .......................................................................... 561

35.1.2 What You Need to Know ........................................................................................ 561

35.2 The Service Summary Screen ....................... .......................... .......................... .............. 562

35.2.1 The Service Add/Edit Screen ............................ ..................................................... 564

35.3 The Service Group Summary Screen ........................ ....... ... ... ... ... .... ... ... ... .... ... ... ... ... .... . 564

35.3.1 The Service Group Add/Edit Screen ...................................................................... 566

Chapter 36

Schedules..............................................................................................................................567

36.1 Overview .......................................................................................................................... 567

36.1.1 What You Can Do in this Chapter .......................................................................... 567

36.1.2 What You Need to Know ........................................................................................ 567

36.2 The Schedule Summary Screen ...................................................................................... 568

36.2.1 The One-Time Schedule Add/Edit Screen ............................................................. 569

36.2.2 The Recurring Schedule Add/Edit Screen ............................................ ... ... ... ... .... . 570

Chapter 37

AAA Server............................................................................................................................573

37.1 Overview .......................................................................................................................... 573

37.1.1 Directory Service (AD/LDAP) ................................................................ ................. 573

37.1.2 RADIUS Server ...................................................................................................... 574

37.1.3 ASAS ......................................................................................................................574

37.1.4 What You Can Do in this Chapter .......................................................................... 574

37.1.5 What You Need To Know ....................................................................................... 575

37.2 Active Directory or LDAP Server Summary ..................................................................... 577

37.2.1 Adding an Active Directory or LDAP Server ............. ............ ............. ............. ........ 577

37.3 RADIUS Server Summary ............................................................................................... 579

37.3.1 Adding a RADIUS Server ...................................................................................... 581

Chapter 38

Authentication Method.........................................................................................................583

38.1 Overview .......................................................................................................................... 583

38.1.1 What You Can Do in this Chapter .......................................................................... 583

38.1.2 Before You Begin ...................................................................................................583

38.1.3 Example: Selecting a VPN Authentication Method ................................................ 583

38.2 Authentication Method Objects ...................................... ................................. ................. 584

38.2.1 Creating an Authentication Method Object ........................................... ................. 585

Chapter 39

Certificates ............................................................................................................................589

39.1 Overview .......................................................................................................................... 589

39.1.1 What You Can Do in this Chapter .......................................................................... 589

22

ZyWALL USG 20/20W User’s Guide

Table of Contents

39.1.2 What You Need to Know ........................................................................................ 589

39.1.3 Verifying a Certificate ............................................................................................. 591

39.2 The My Certificates Screen ............................................................................................. 593

39.2.1 The My Certificates Add Screen ............................................................................ 594

39.2.2 The My Certificates Edit Screen ..................................................... ... .... ... .............. 599

39.2.3 The My Certificates Import Screen ........................................................................ 602

39.3 The Trusted Certificates Screen ..................................................................................... 603

39.3.1 The Trusted Certificates Edit Screen .................................................................... 604

39.3.2 The Trusted Certificates Import Screen ................................................................ 608

39.4 Certificates Technical Reference ..................................................................................... 609

Chapter 40

ISP Accounts.........................................................................................................................611

40.1 Overview ...........................................................................................................................611

40.1.1 What You Can Do in this Chapter ...........................................................................611

40.2 ISP Account Summary .....................................................................................................611

40.2.1 ISP Account Edit ................................................................................................... 612

Chapter 41

SSL Application ....................................................................................................................615

41.1 Overview .......................................................................................................................... 615

41.1.1 What You Can Do in this Chapter .......................................................................... 615

41.1.2 What You Need to Know ........................................................................................ 615

41.1.3 Example: Specifying a Web Site for Access .......................................................... 616

41.2 The SSL Application Screen ............................. .... ... ... ... .... ... ...... ... .... ... ... ... .... ... ... ... ... .... . 617

41.2.1 Creating/Editing a Web-based SSL Application Object ......................................... 618

Chapter 42

Endpoint Security.................................................................................................................621

42.1 Overview .......................................................................................................................... 621

42.1.1 What You Can Do in this Chapter .......................................................................... 622

42.1.2 What You Need to Know ........................................................................................ 622

42.2 Endpoint Security Screen ........ ... ... ... ... .... ... ... ... .... ... ... ... .... ... ... ...... .... ... ... ... .... ... ... ... ... .... . 623

42.3 Endpoint Security Add/Edit .............................................................................................. 624

Chapter 43

System...................................................................................................................................629

43.1 Overview .......................................................................................................................... 629

43.1.1 What You Can Do in this Chapter .......................................................................... 629

43.2 Host Name ....................................................................................................................... 630

43.3 USB Storage .................................................................................................................... 631

43.4 Date and Time ................................................................................................................. 631

43.4.1 Pre-defined NTP Time Servers List ............................................. ... ... .... ... ... ........... 634

ZyWALL USG 20/20W User’s Guide

23

Table of Contents

43.4.2 Time Server Synchronization ................................................................................. 635

43.5 Console Port Speed ......................................................................................................... 636

43.6 DNS Overview ................................................................................................................. 636

43.6.1 DNS Server Address Assignment .......................................................................... 637

43.6.2 Configuring the DNS Screen ................................ .......................................... ........ 637

43.6.3 Address Record .................................................................................................... 640

43.6.4 PTR Record ........................................................................................................... 640

43.6.5 Adding an Address/PTR Record ............................................................................ 640

43.6.6 Domain Zone Forwarder .................. ... ... .... ... ............................................. ... ... .....641

43.6.7 Adding a Domain Zone Forwarder .............................. ........................................... 641

43.6.8 MX Record ............................................................................................................642

43.6.9 Adding a MX Record ..............................................................................................643

43.6.10 Adding a DNS Service Control Rule .................................................................... 643

43.7 WWW Overview ..............................................................................................................644

43.7.1 Service Access Limitations .................................................................................... 644

43.7.2 System Timeout ..................................................................................................... 645

43.7.3 HTTPS ...................................................................................................................645

43.7.4 Configuring WWW Service Control ........................................................................ 646

43.7.5 Service Control Rules ............................................................................................ 650

43.7.6 Customizing the WWW Login Page ....................................................................... 650

43.7.7 HTTPS Example ....................................................................................................654

43.8 SSH .............................................................................................................................. 661

43.8.1 How SSH Works ...................................................... ... ... ... ... .... ... ... ........................ 662

43.8.2 SSH Implementation on the ZyWALL ..................................................................... 663

43.8.3 Requirements for Using SSH ................................................................................. 663

43.8.4 Configuring SSH ....................................................................................................663

43.8.5 Secure Telnet Using SSH Examples ...................................................................... 665

43.9 Telnet .............................................................................................................................. 666

43.9.1 Configuring Telnet .................................................................................................. 667

43.10 FTP ...............................................................................................................................668

43.10.1 Configuring FTP ................................................................................................... 668

43.11 SNMP ....................................... ... ... ... .............................................. ... ... ........................ 670

43.11.1 Supported MIBs ............... ... ... ... .............................................. ... ... ........................ 672

43.11.2 SNMP Traps .......................... ... .... ... ............................................. ... .... ... .............. 672

43.11.3 Configuring SNMP .............. ... ... .... ............................................. ... ... ..................... 672

43.12 Vantage CNM ...............................................................................................................674

43.12.1 Configuring Vantage CNM ................................................................................... 675

43.13 Language Screen .........................................................................................................677

Chapter 44

Log and Report .....................................................................................................................679

44.1 Overview .......................................................................................................................... 679

44.1.1 What You Can Do In this Chapter .......................................................................... 679

24

ZyWALL USG 20/20W User’s Guide

Table of Contents

44.2 Email Daily Report ..........................................................................................................679

44.3 Log Setting Screens .......................................................................................................681

44.3.1 Log Setting Summary ............................................................................................. 682

44.3.2 Edit System Log Settings ......................................................................................683

44.3.3 Edit Remote Server Log Settings ..........................................................................688

44.3.4 Active Log Summary Screen ............................. ............. ............. ............. ............. . 690

Chapter 45

File Manager..........................................................................................................................693

45.1 Overview .......................................................................................................................... 693

45.1.1 What You Can Do in this Chapter .......................................................................... 693

45.1.2 What you Need to Know ........................................................................................ 693

45.2 The Configuration File Screen .............................. ...................................................... .....696

45.3 The Firmware Package Screen ...................................................................................... 700

45.4 The Shell Script Screen .......................... ....................................................... .................702

Chapter 46

Diagnostics..........................................................................................................................705

46.1 Overview .......................................................................................................................... 705

46.1.1 What You Can Do in this Chapter .......................................................................... 705

46.2 The Diagnostic Screen ....................................................................................................705

46.2.1 The Diagnostics Files Screen ................................................................................ 706

46.3 The Packet Capture Screen ............................................................................................ 707

46.3.1 The Packet Capture Files Screen .......................................................................... 710

46.3.2 Example of Viewing a Packet Capture File ................................. ... ... .... ... ... ... ... ......711

46.4 Core Dump Screen ..........................................................................................................712

46.4.1 Core Dump Files Screen ......................... .......................................... ..................... 713

46.5 The System Log Screen .................................................................................................. 714

Chapter 47

Packet Flow Explore.............................................................................................................715

47.1 Overview .......................................................................................................................... 715

47.1.1 What You Can Do in this Chapter .......................................................................... 715

47.2 The Routing Status Screen ............................................................ ....................... ........... 715

47.3 The SNAT Status Screen ................................................................................................. 719

Chapter 48

Reboot....................................................................................................................................723

48.1 Overview .......................................................................................................................... 723

48.1.1 What You Need To Know ....................................................................................... 723

48.2 The Reboot Screen .........................................................................................................723

Chapter 49

Shutdown...............................................................................................................................725

ZyWALL USG 20/20W User’s Guide

25

Table of Contents

49.1 Overview .......................................................................................................................... 725

49.1.1 What You Need To Know ....................................................................................... 725

49.2 The Shutdown Screen ..................................................................................................... 725

Chapter 50

Troubleshooting....................................................................................................................727

50.1 Resetting the ZyWALL .....................................................................................................738

50.2 Getting More Troubleshooting Help ................................................................................. 739

Chapter 51

Product Specifications.........................................................................................................741

51.1 Power Adaptor Specifications ..........................................................................................745

Appendix A Log Descriptions...............................................................................................747

Appendix B Common Services.............................................................................................799

Appendix C Wireless LANs..................................................................................................803

Appendix D Importing Certificates........................................................................................819

Appendix E Open Software Announcements.......................................................................845

Appendix F Legal Information ..............................................................................................935

Index.......................................................................................................................................939

26

ZyWALL USG 20/20W User’s Guide

PART I

User’s Guide

27

28

CHAPTER 1

Introducing the ZyWALL

This chapter gives an overview of the ZyWALL. It explains the front panel ports,
LEDs, introduces the management methods, and lists different ways to start or
stop the ZyWALL.

1.1 Overview and Key Default Settings

The ZyWALL is a comprehensive security device. Its flexible configuration helps
network administrators set up the network and enforce security policies efficiently.
In addition, the ZyWALL provides excellent throughput, making it an ideal solution
for reliable, secure service.

The ZyWALL’s security features include VPN, firewall, content filtering, ADP
(Anomaly Detection and Protection), and certificates. It also provides bandwidth
management, Instant Messaging (IM) and Peer to Peer (P2P) control, NAT, port
forwarding, policy routing, DHCP server and many other powerful features.
Flexible configuration helps you set up the network and enforce security policies
efficiently. See Chapter 2 on page 37 for a more detailed overview of the ZyWALL’s
features.

The ZyWALL provides excellent throughput with the reliability of dual WAN Gigabit
Ethernet ports and load balancing. You can also use a 3G cellular USB (not
included) for a third WAN connection.

The ZyWALL lets you set up multiple networks for your company. The De­Militarized Zone (DMZ) increases LAN security by providing separate ports for
connecting publicly accessible servers. The ZyWALL also provides two separate
LAN networks. You can set ports to be part of the LAN1, WLAN, or DMZ.
Alternatively, you can deploy the ZyWALL as a transparent firewall in an existing
network with minimal configuration.

1.2 Wall-mounting

Do the following to attach your ZyWALL to a wall.

ZyWALL USG 20/20W User’s Guide

29

Chapter 1 Introducing the ZyWALL

USG 20

1 Screw the two screws provided with your ZyWALL into the wall 150 mm apart (see

the figure in step 2). Use screws with 6 mm ~ 8 mm (0.24" ~ 0.31") wide heads.
Do not screw the screws all the way in to the wall; leave a small gap between the
head of the screw and the wall.

The gap must be big enough for the screw heads to slide into the screw slots and
the connection cables to run down the back of the ZyWALL.

Note: Make sure the screws are securely fixed to the wall and strong enough to hold

the weight of the ZyWALL with the connection cables.

2 Align the holes on the back of the ZyWALL with the screws on the wall. Hang

the ZyWALL on the screws.

30

ZyWALL USG 20/20W User’s Guide